Next: vnc_sec_certificate, Previous: vnc_sec_none, Up: vnc_security
The VNC protocol has limited support for password based authentication. Since
the protocol limits passwords to 8 characters it should not be considered
to provide high security. The password can be fairly easily brute-forced by
a client making repeat connections. For this reason, a VNC server using password
authentication should be restricted to only listen on the loopback interface
or UNIX domain sockets. Password ayuthentication is requested with the password
option, and then once QEMU is running the password is set with the monitor. Until
the monitor is used to set the password all clients will be rejected.
qemu [...OPTIONS...] -vnc :1,password -monitor stdio (qemu) change vnc password Password: ******** (qemu)